# encoding: utf-8
class Frontend::PortalController < ApplicationController
  before_filter :login_required, :only => "updateprofile"
  def index
    if session[:student].present?
      @welcome = t"general.welcomeback", :name => current_student[:login]
    else
      @welcome = t"general.welcome"
    end
    @activities = StudentActivity.joins(:student).page(params[:page]).per(8)
  end

  def dologin
    if request.post?
      if (session[:student] = Student.authenticate(params[:login], params[:password]))
        flash[:notice]  = t"general.login.success"
      else
        flash[:warning] = t"general.login.fail"
      end
      redirect_to_stored
    end
  end

  def register
    if session[:student].present?
      redirect_to_home
    end
    if request.post?
      @student = Student.new(:login => params[:loginname], :email => params[:email], :password => params[:password])
      if @student.save
        @student_profile = StudentProfile.new(:student_id => @student.id)
        @student_profile.save
        session[:student] = Student.authenticate(@student.login, @student.password)
        flash[:notice] = t"general.signup.success"
        redirect_to_home
      else
        flash[:alert] = []
        flash[:alert] << (t "general.signup.fail")
        @student.errors.each {|msg| p flash[:alert] << (t("register.form."+msg.to_s)+" ")}
        redirect_to_stored
      end
    end
    #render "frontend/portal/register", :layout => "onecolumn"
  end

  def logout
    session[:student] = nil
    flash[:notice] = t"general.logout.success"
    redirect_to_home
  end

  def forgotpass
    @show_form = true
    if request.post?
      u = Student.find_by_email(params[:email])
      if u and u.new_password_request
        flash.now.notice  = t"forgotpass.mail.flashmessage.success"
        @show_form = false
      else
        if u.nil?
          flash.now.alert  = t"forgotpass.mail.flashmessage.bademail"
        else
          flash.now.alert= t"forgotpass.mail.flashmessage.failsend"
        end
      end
    end
  end

  def resetpassword
    @login = params[:login]
    @key = params[:key]
    if (u=Student.check_reset_password(@login,@key))
       @show_form = true
    else
      flash.now.alert = t"resetpass.error.wrongparameters"
      @show_form = false
    end
    if request.post? and u
      if params[:password] == params[:password_confirm]
        u.change_password(params[:password])
        flash.now.notice  = t"resetpass.mail.flashmessage.success"
        @show_form = false
      else
        flash.now.alert = t"resetpass.mail.flashmessage.failsend"
      end
    end
  end

  def updateprofile
    if current_student==nil and session[:profile_updated].nil?
      flash[:alert] = t"general.login.logintocontinue"
      session[:return_to]=request.fullpath
      redirect_to :root
    end
    @student = Student.find_by_login(current_student[:login].to_s)
    if @student.nil?
      flash[:notice] = t"updateprofile.success.needrelogin"
      session[:student] = nil
      redirect_to request.fullpath
    else
      @student_profile = @student.student_profile
    end

    if @student_profile.nil?
      @student_profile = StudentProfile.new()    #prevent unidentified object error
    end
    if request.post?
      if @student.nil?
        flash.now.alert = t"updateprofile.error.wrongparameters"
      else
        callback = @student.update_profile(params)
        if callback.nil? or callback.blank?
          session[:profile_updated] = true
          flash[:notice] = t"updateprofile.success.profileupdated"
          redirect_to request.fullpath
        else
          flash[:alert] = callback
        end
      end
    end
  end

  #display info
  def info
  end

  def access_denied
    if current_student
      admin_log(current_student[:login]+" truy cập hệ thống trái phép.")
    end
  end
end
